MOUNTAIN VIEW, CA--(Marketwired - Aug 14, 2017) - Dome9 Security, the public cloud security company, today announced support for automated security and compliance assessment of AWS CloudFormation templates (CFT) in the Dome9 Compliance Engine. Customers will now be able to test the security and compliance posture of their infrastructure templates and proactively harden security before deploying software-defined infrastructure in live environments. Dome9 is the only company to offer security testing for AWS CFTs prior to deployment.

According to the 2017 State of DevOps report from Puppet, organizations that incorporate security and quality early and often in the development process spend 50 percent less time remediating security issues. Much of the focus of security in DevOps, or DevSecOps, has been on application security tools and practices. A considerable gap for the development community is security testing for infrastructure blueprints. The powerful new capabilities of the Dome9 Arc platform speed up the compliance lifecycle and protect against accidental exposure and external attacks.

"Organizations are dealing with the challenge of building security into their DevOps processes to minimize incident risk without slowing down the pace of innovation," said Zohar Alon, CEO and co-founder of Dome9. "Dome9 offers DevOps and security teams an automated and, more importantly, a faster and more accurate way to ensure their infrastructure meets compliance requirements and security best practices."

Testing CFTs is a manual process today. DevOps teams create CFTs, and then submit them to the security teams for review. The back-and-forth between security and operations teams to better understand and assess CFTs creates lengthy delays and slows DevOps down while introducing the risk of errors into the process.

Dome9 solves this problem by automating the assessment of CFTs against compliance standards such as PCI DSS and industry best practice specifications such as the CIS AWS Foundations Benchmark. More specifically, the Dome9 Compliance Engine:

  • Takes care of resolving CFT parameter values and intrinsic functions and simulating the deployment of the CFT
  • Offers customers a way to run assessments programmatically using the Dome9 API, allowing security and compliance checks for CFTs to be built into DevOps scripts and workflows

Dome9 is a sponsor of the AWS Summit in New York on August 14, 2017. Visit Dome9 at booth #217 to learn more about the Dome9 Arc platform and the Dome9 Compliance Engine. Patrick Pushor, director of customer advocacy at Dome9, will present on "Effective S3 Bucket Management to Prevent and Mitigate Data Exposure" at 3 p.m. ET. To schedule a meeting with the Dome9 team while at the show, please contact us via email:

Additional Resources:
For a free trial of Dome9:
To learn about Dome9 Arc:
Follow us on Twitter: @dome9
Connect with us on LinkedIn:

About Dome9
Dome9 delivers verifiable cloud infrastructure security and compliance to organizations across every public cloud. The Dome9 Arc SaaS platform leverages cloud-native security controls and cloud-agnostic policy automation to enable comprehensive network security, advanced IAM protection, and continuous compliance in Amazon Web Services (AWS), Microsoft Azure and Google Cloud environments. Dome9 offers technologies to assess security posture, detect misconfigurations, model gold standard policies, protect against attacks and identity theft, and conform to security best practices in the cloud. Organizations use Dome9 Arc for faster and more effective cloud security operations, pain-free compliance and governance, and rugged DevOps practices. Learn more at

Contact Information:

Contact info:

Travis Anderson